FWIW I'm fairly convinced that the first vulnerable version for CVE-2020-5310 is 6.0.0, which is the first release that included https://github.com/python-pillow/Pillow/commit/e91b851fdc1c914419543f485bdbaa010790719f which introduced the overflow when switching away from the safer TIFFTileSize & TIFFStripSize in the critical lines.
So you can probably mark 5.4.1 as safe for CVE-2020-5310 robert.
